package com.honeywen.mymvc.controller;

import com.honeywen.mymvc.entity.ActiveUser;
import com.honeywen.mymvc.security.MyHelloRealm;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.bind.annotation.RequestMapping;

import javax.servlet.http.HttpSession;

/**
 * @author wangwei
 * @date 2019/1/18 下午6:08
 */
public class LoginController {

    @Autowired
    private MyHelloRealm realm;

    @RequestMapping("/login")
    public String login(HttpSession session, String randomCode, String usercode, String password) throws Exception {

        String validateCode = (String) session.getAttribute("validateCode");

        if (!randomCode.equals(validateCode)) {
            throw new Exception("validate code error!");
        }

        ActiveUser user = realm.authenticate(usercode, password);
        session.setAttribute("activeUser", user);

        return "redirect:/index";

    }
}
